DedeBIZ
/
DedeV6
关注 2
点赞 0
派生 0
代码 合并请求 0 版本发布 31 动态
浏览代码

调整前后台登录方式

tags/6.2.0
tianya 3 年前
父节点
6bc5b83e58
当前提交
3ff4efefd0
共有 15 个文件被更改,包括 281 次插入72 次删除
合并视图
Diff 选项
显示统计 下载 Patch 文件 下载 Diff 文件
  1. +21
    -0
      src/admin/api.php
  2. +17
    -0
      src/admin/js/login.js
  3. +11
    -2
      src/admin/login.php
  4. +9
    -0
      src/admin/templets/login.htm
  5. +2
    -0
      src/install/sql-dftables.txt
  6. +3
    -1
      src/install/update.txt
  7. +17
    -0
      src/static/web/js/login.js
  8. +57
    -3
      src/system/memberlogin.class.php
  9. +56
    -10
      src/system/userlogin.class.php
  10. +2
    -2
      src/theme/dedebiz/foot.htm
  11. +1
    -1
      src/theme/dedebiz/widget_article_feedback.htm
  12. +0
    -52
      src/user/ajax_loginsta.php
  13. +68
    -0
      src/user/api.php
  14. +9
    -0
      src/user/index_do.php
  15. +8
    -1
      src/user/templets/login.htm

+ 21
- 0
src/admin/api.php 查看文件

@@ -0,0 +1,21 @@
<?php
define('AJAXLOGIN', TRUE);
define('DEDEADMIN', str_replace("\\", '/', dirname(__FILE__)));
require_once(DEDEADMIN.'/../system/common.inc.php');
require_once(DEDEINC.'/userlogin.class.php');
AjaxHead();

$action = isset($action) && in_array($action, array('is_need_check_code'))? $action : '';

if ($action === 'is_need_check_code') {
$cuserLogin = new userLogin();
$isNeed = $cuserLogin->isNeedCheckCode($userid);
echo json_encode(array(
"code" => 0,
"msg" => "",
"data" => array(
"isNeed" => $isNeed,
),
));
exit;
}

+ 17
- 0
src/admin/js/login.js 查看文件

@@ -0,0 +1,17 @@
$(document).ready(function () {
$("#iptUserid").focusout(function () {
let userid = $(this).val();
if (userid !== '') {
$.get("api.php?action=is_need_check_code&userid=" + userid, function (data) {
let rs = JSON.parse(data);
if (rs.code === 0) {
if (rs.data.isNeed) {
$("#vdimgck").show();
} else {
$("#vdimgck").hide();
}
}
});
}
})
})

+ 11
- 2
src/admin/login.php 查看文件

@@ -38,10 +38,19 @@ if (preg_match('/admin\/login/i', $cururl)) {
$admindirs = explode('/', str_replace("\\", '/', dirname(__FILE__))); $admindirs = explode('/', str_replace("\\", '/', dirname(__FILE__)));
$admindir = $admindirs[count($admindirs) - 1]; $admindir = $admindirs[count($admindirs) - 1];
if ($dopost == 'login') { if ($dopost == 'login') {
$validate = empty($validate) ? '' : strtolower(trim($validate));
$svali = strtolower(GetCkVdValue());
$cuserLogin = new userLogin($admindir); $cuserLogin = new userLogin($admindir);
if (!empty($userid) && !empty($pwd)) { if (!empty($userid) && !empty($pwd)) {
$isNeed = $cuserLogin->isNeedCheckCode($userid);
if ($isNeed) {
$validate = empty($validate) ? '' : strtolower(trim($validate));
$svali = strtolower(GetCkVdValue());
if ($validate == '' || $validate != $svali) {
ResetVdValue();
ShowMsg('验证码不正确', 'login.php', 0, 1000);
exit;
}
}

$res = $cuserLogin->checkUser($userid, $pwd); $res = $cuserLogin->checkUser($userid, $pwd);
if ($res == 1) { if ($res == 1) {
$cuserLogin->keepUser(); $cuserLogin->keepUser();


+ 9
- 0
src/admin/templets/login.htm 查看文件

@@ -9,6 +9,8 @@
<link rel="stylesheet" href="../static/web/css/bootstrap.min.css"> <link rel="stylesheet" href="../static/web/css/bootstrap.min.css">
<link rel="stylesheet" href="../static/web/font/css/font-awesome.min.css"> <link rel="stylesheet" href="../static/web/font/css/font-awesome.min.css">
<link rel="stylesheet" href="css/login.min.css"> <link rel="stylesheet" href="css/login.min.css">
<script src="../static/web/js/jquery.min.js"></script>
<script src="js/login.js"></script>
</head> </head>
<body> <body>
<?php if (preg_match('/MSIE/i',$_SERVER['HTTP_USER_AGENT']) || preg_match('/Trident/i',$_SERVER['HTTP_USER_AGENT'])) {?> <?php if (preg_match('/MSIE/i',$_SERVER['HTTP_USER_AGENT']) || preg_match('/Trident/i',$_SERVER['HTTP_USER_AGENT'])) {?>
@@ -44,6 +46,13 @@
<label for="iptPassword">密码</label> <label for="iptPassword">密码</label>
<input type="password" name="pwd" id="iptPassword" class="form-control"> <input type="password" name="pwd" id="iptPassword" class="form-control">
</div> </div>
<div id="vdimgck" class="form-group" style="display: none;">
<label for="iptValidate">验证码</label>
<div class="input-group">
<input type="text" name="validate" id="iptValidate" class="form-control text-uppercase">
<img src="../apps/vdimgck.php" onclick="this.src='../apps/vdimgck.php?'+new Date().getTime()+Math.round(Math.random() * 10000)" title="验证码" id="validateimg">
</div>
</div>
<div><button type="submit" class="btn btn-success w-100">登录</button></div> <div><button type="submit" class="btn btn-success w-100">登录</button></div>
<div class="login-power"><?php echo $cfg_powerby;?></div> <div class="login-power"><?php echo $cfg_powerby;?></div>
</form> </form>


+ 2
- 0
src/install/sql-dftables.txt 查看文件

@@ -128,6 +128,7 @@ CREATE TABLE `#@__admin` (
`typeid` text, `typeid` text,
`logintime` int(10) unsigned NOT NULL default '0', `logintime` int(10) unsigned NOT NULL default '0',
`loginip` varchar(46) NOT NULL default '', `loginip` varchar(46) NOT NULL default '',
`loginerr` tinyint NULL DEFAULT 0,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) TYPE=MyISAM; ) TYPE=MyISAM;
@@ -503,6 +504,7 @@ CREATE TABLE `#@__member` (
`logintime` int(10) unsigned NOT NULL default '0', `logintime` int(10) unsigned NOT NULL default '0',
`loginip` char(46) NOT NULL default '', `loginip` char(46) NOT NULL default '',
`checkmail` smallint(6) NOT NULL default '-1', `checkmail` smallint(6) NOT NULL default '-1',
`loginerr` tinyint NULL DEFAULT 0,
PRIMARY KEY (`mid`), PRIMARY KEY (`mid`),
KEY `userid` (`userid`,`sex`), KEY `userid` (`userid`,`sex`),
KEY `logintime` (`logintime`) KEY `logintime` (`logintime`)


+ 3
- 1
src/install/update.txt 查看文件

@@ -103,4 +103,6 @@ DELETE FROM `#@__sysconfig` WHERE `#@__sysconfig`.`varname` = 'cfg_disable_tags'
DELETE FROM `#@__sysconfig` WHERE `#@__sysconfig`.`varname` = 'cfg_vdcode_member'; DELETE FROM `#@__sysconfig` WHERE `#@__sysconfig`.`varname` = 'cfg_vdcode_member';


-- 6.2.0 -- 6.2.0
ALTER TABLE `#@__arctype` CHANGE COLUMN `iscross` `cross` tinyint(1) NOT NULL DEFAULT 0 AFTER `ishidden`;
ALTER TABLE `#@__arctype` CHANGE COLUMN `iscross` `cross` tinyint(1) NOT NULL DEFAULT 0 AFTER `ishidden`;
ALTER TABLE `#@__admin` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `loginip`;
ALTER TABLE `#@__member` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `checkmail`;

+ 17
- 0
src/static/web/js/login.js 查看文件

@@ -0,0 +1,17 @@
$(document).ready(function () {
$("#iptUserid").focusout(function () {
let userid = $(this).val();
if (userid !== '') {
$.get("api.php?action=is_need_check_code&userid=" + userid, function (data) {
let rs = JSON.parse(data);
if (rs.code === 0) {
if (rs.data.isNeed) {
$("#vdimgck").show();
} else {
$("#vdimgck").hide();
}
}
});
}
})
})

+ 57
- 3
src/system/memberlogin.class.php 查看文件

@@ -391,8 +391,10 @@ class MemberLogin
$row = $dsql->GetOne("SELECT mid,matt,pwd,pwd_new,logintime FROM `#@__member` WHERE userid LIKE '$loginuser' "); $row = $dsql->GetOne("SELECT mid,matt,pwd,pwd_new,logintime FROM `#@__member` WHERE userid LIKE '$loginuser' ");
if (is_array($row)) { if (is_array($row)) {
if (!empty($row['pwd_new']) && !password_verify($loginpwd, $row['pwd_new'])) { if (!empty($row['pwd_new']) && !password_verify($loginpwd, $row['pwd_new'])) {
$this->loginError($loginuser);
return -1; return -1;
}else if (!empty($row['pwd']) && $this->GetShortPwd($row['pwd']) != $this->GetEncodePwd($loginpwd)) {
} else if (!empty($row['pwd']) && $this->GetShortPwd($row['pwd']) != $this->GetEncodePwd($loginpwd)) {
$this->loginError($loginuser);
return -1; return -1;
} else { } else {
if (empty($row['pwd_new']) && function_exists('password_hash')) { if (empty($row['pwd_new']) && function_exists('password_hash')) {
@@ -413,6 +415,58 @@ class MemberLogin
return 0; return 0;
} }
} }
/**
* 是否需要验证码
*
* @param mixed $loginuser
* @return bool
*/
function isNeedCheckCode($loginuser)
{
$num = $this->getLoginError($loginuser);
return $num >= 3 ? true : false;
}
/**
* 1分钟以内登录错误的次数
*
* @param mixed $loginuser
* @return int 登录错误次数
*/
function getLoginError($loginuser)
{
global $dsql;
$rs = CheckUserID($loginuser, '用户名', FALSE);
//用户名不正确时返回验证错误,原登录名通过引用返回错误提示信息
if ($rs != 'ok') {
return -1;
}
$row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__member` WHERE userid LIKE '$loginuser'");
if (is_array($row)) {
//1分钟内如果输错3次则需要验证码
return (time() - (int)$row['logintime']) < 60 ? (int)$row['loginerr'] : 0;
} else {
return -1;
}
}
/**
* 记录登录错误
*
* @return void
*/
function loginError($loginuser)
{
global $dsql;
$rs = CheckUserID($loginuser, '用户名', FALSE);
//用户名不正确时返回验证错误,原登录名通过引用返回错误提示信息
if ($rs != 'ok') {
return;
}
$loginip = GetIP();
$inquery = "UPDATE `#@__member` SET loginip='$loginip',logintime='" . time() . "',loginerr=loginerr+1 WHERE userid='" . $loginuser . "'";
$dsql->ExecuteNoneQuery($inquery);
}
/** /**
* 保存用户cookie * 保存用户cookie
* *
@@ -431,7 +485,7 @@ class MemberLogin
$this->M_ID = $uid; $this->M_ID = $uid;
$this->M_LoginTime = time(); $this->M_LoginTime = time();
$loginip = GetIP(); $loginip = GetIP();
$inquery = "UPDATE `#@__member` SET loginip='$loginip',logintime='".$this->M_LoginTime."' WHERE mid='".$uid."'";
$inquery = "UPDATE `#@__member` SET loginip='$loginip',logintime='".$this->M_LoginTime."',loginerr=0 WHERE mid='".$uid."'";
$dsql->ExecuteNoneQuery($inquery); $dsql->ExecuteNoneQuery($inquery);
if ($this->M_KeepTime > 0) { if ($this->M_KeepTime > 0) {
PutCookie('DedeUserID', $uid, $this->M_KeepTime); PutCookie('DedeUserID', $uid, $this->M_KeepTime);
@@ -445,7 +499,7 @@ class MemberLogin
* 获得会员目前的状态 * 获得会员目前的状态
* *
* @access public * @access public
* @param string $dsql 数据库连接
* @param object $dsql 数据库连接
* @return string * @return string
*/ */
function GetSta($dsql) function GetSta($dsql)


+ 56
- 10
src/system/userlogin.class.php 查看文件

@@ -106,10 +106,10 @@ function CheckCatalog($cid, $msg)
*/ */
function AddMyAddon($fid, $filename) function AddMyAddon($fid, $filename)
{ {
$cacheFile = DEDEDATA.'/cache/addon-'.session_id().'.inc';
$cacheFile = DEDEDATA . '/cache/addon-' . session_id() . '.inc';
if (!file_exists($cacheFile)) { if (!file_exists($cacheFile)) {
$fp = fopen($cacheFile, 'w'); $fp = fopen($cacheFile, 'w');
fwrite($fp, '<'.'?php'."\r\n");
fwrite($fp, '<' . '?php' . "\r\n");
fwrite($fp, "\$myaddons = array();\r\n"); fwrite($fp, "\$myaddons = array();\r\n");
fwrite($fp, "\$maNum = 0;\r\n"); fwrite($fp, "\$maNum = 0;\r\n");
fclose($fp); fclose($fp);
@@ -133,7 +133,7 @@ function AddMyAddon($fid, $filename)
function ClearMyAddon($aid = 0, $title = '') function ClearMyAddon($aid = 0, $title = '')
{ {
global $dsql; global $dsql;
$cacheFile = DEDEDATA.'/cache/addon-'.session_id().'.inc';
$cacheFile = DEDEDATA . '/cache/addon-' . session_id() . '.inc';
$_SESSION['bigfile_info'] = array(); $_SESSION['bigfile_info'] = array();
$_SESSION['file_info'] = array(); $_SESSION['file_info'] = array();
if (!file_exists($cacheFile)) { if (!file_exists($cacheFile)) {
@@ -212,16 +212,18 @@ class userLogin
$this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username); $this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username);
$this->userPwd = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $userpwd); $this->userPwd = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $userpwd);
$pwd = substr(md5($this->userPwd), 5, 20); $pwd = substr(md5($this->userPwd), 5, 20);
$dsql->SetQuery("SELECT admin.*,atype.purviews FROM `#@__admin` admin LEFT JOIN `#@__admintype` atype ON atype.`rank`=admin.usertype WHERE admin.userid LIKE '".$this->userName."' LIMIT 0,1");
$dsql->SetQuery("SELECT admin.*,atype.purviews FROM `#@__admin` admin LEFT JOIN `#@__admintype` atype ON atype.`rank`=admin.usertype WHERE admin.userid LIKE '" . $this->userName . "' LIMIT 0,1");
$dsql->Execute(); $dsql->Execute();
$row = $dsql->GetObject(); $row = $dsql->GetObject();
if (!isset($row->pwd)) { if (!isset($row->pwd)) {
return -1; return -1;
} else if (!empty($row->pwd_new) && !password_verify($this->userPwd, $row->pwd_new)) { } else if (!empty($row->pwd_new) && !password_verify($this->userPwd, $row->pwd_new)) {
$this->loginError($row->id);
return -2; return -2;
} else if (!empty($row->pwd) && $pwd != $row->pwd) { } else if (!empty($row->pwd) && $pwd != $row->pwd) {
$this->loginError($row->id);
return -2; return -2;
}else {
} else {
$upsql = ""; $upsql = "";
if (empty($row->pwd_new) && function_exists('password_hash')) { if (empty($row->pwd_new) && function_exists('password_hash')) {
//升级密码 //升级密码
@@ -234,13 +236,58 @@ class userLogin
$this->userChannel = $row->typeid; $this->userChannel = $row->typeid;
$this->userName = $row->uname; $this->userName = $row->uname;
$this->userPurview = $row->purviews; $this->userPurview = $row->purviews;
$inquery = "UPDATE `#@__admin` SET loginip='$loginip',logintime='".time()."'{$upsql} WHERE id='".$row->id."'";
$inquery = "UPDATE `#@__admin` SET loginip='$loginip',logintime='" . time() . "'{$upsql},loginerr=0 WHERE id='" . $row->id . "'";
$dsql->ExecuteNoneQuery($inquery); $dsql->ExecuteNoneQuery($inquery);
$sql = "UPDATE `#@__member` SET logintime=".time().", loginip='$loginip' WHERE mid=".$row->id;
$sql = "UPDATE `#@__member` SET logintime=" . time() . ", loginip='$loginip' WHERE mid=" . $row->id;
$dsql->ExecuteNoneQuery($sql); $dsql->ExecuteNoneQuery($sql);
return 1; return 1;
} }
} }
/**
* 是否需要验证码
*
* @param mixed $username
* @return bool
*/
function isNeedCheckCode($username)
{
$num = $this->getLoginError($username);
return $num >= 3 ? true : false;
}
/**
* 1分钟以内登录错误的次数
*
* @param mixed $username
* @return int 登录错误次数
*/
function getLoginError($username)
{
global $dsql;
$this->userName = preg_replace("/[^0-9a-zA-Z_@!\.-]/", '', $username);
$row = $dsql->GetOne("SELECT loginerr,logintime FROM `#@__admin` WHERE userid LIKE '$this->userName'");
if (is_array($row)) {
//1分钟内如果输错3次则需要验证码
return (time() - (int)$row['logintime']) < 60 ? (int)$row['loginerr'] : 0;
} else {
return -1;
}
}
/**
* 记录登录错误
*
* @return void
*/
function loginError($adminid)
{
global $dsql;
$loginip = GetIP();
$inquery = "UPDATE `#@__admin` SET loginip='$loginip',logintime='" . time() . "',loginerr=loginerr+1 WHERE id='" . $adminid . "'";
$dsql->ExecuteNoneQuery($inquery);
}
/** /**
* 保持用户的会话状态 * 保持用户的会话状态
* *
@@ -281,7 +328,7 @@ class userLogin
function ReWriteAdminChannel() function ReWriteAdminChannel()
{ {
//$this->userChannel //$this->userChannel
$cacheFile = DEDEDATA.'/cache/admincat_'.$this->userID.'.inc';
$cacheFile = DEDEDATA . '/cache/admincat_' . $this->userID . '.inc';
//管理员管理的栏目列表 //管理员管理的栏目列表
$typeid = trim($this->userChannel); $typeid = trim($this->userChannel);
if (empty($typeid) || $this->getUserType() >= 10) { if (empty($typeid) || $this->getUserType() >= 10) {
@@ -296,7 +343,7 @@ class userLogin
$typeids = explode(',', $typeid); $typeids = explode(',', $typeid);
$typeid = ''; $typeid = '';
foreach ($typeids as $tid) { foreach ($typeids as $tid) {
$typeid .= ($typeid == '' ? GetSonIdsUL($tid) : ','.GetSonIdsUL($tid));
$typeid .= ($typeid == '' ? GetSonIdsUL($tid) : ',' . GetSonIdsUL($tid));
} }
$typeids = explode(',', $typeid); $typeids = explode(',', $typeid);
$typeidsnew = array_unique($typeids); $typeidsnew = array_unique($typeids);
@@ -443,4 +490,3 @@ function GetSonIdsLogicUL($id, $sArr, $channel = 0, $addthis = FALSE)
} }
} }
} }
?>

+ 2
- 2
src/theme/dedebiz/foot.htm 查看文件

@@ -13,10 +13,10 @@
<script> <script>
//校验是否登录 //校验是否登录
function CheckLogin() { function CheckLogin() {
$.get("{dede:global.cfg_cmsurl/}/user/ajax_loginsta.php?format=json",function(data) {
$.get("{dede:global.cfg_cmsurl/}/user/api.php?format=json",function(data) {
let result = JSON.parse(data); let result = JSON.parse(data);
if (result.code === 200) { if (result.code === 200) {
$("#_login").html(`<a href="/user/edit_baseinfo.php"class="user-admin mr-3"><img src="${result.data.facepic}" alt="${result.data.username}" title="${result.data.username}">${result.data.username}</a><a href="/user" class="btn btn-primary btn-sm"><i class="fa fa-user-circle"></i></a><a href="/user/pm.php" class="btn btn-primary btn-sm"><i class="fa fa-bullhorn"></i></a><a href="/user/index_do.php?fmdo=login&dopost=exit" class="btn btn-success btn-sm"><i class="fa fa-sign-out"></i></a>`);
$("#_login").html(`<a href="{dede:global.cfg_cmsurl/}/user/edit_baseinfo.php"class="user-admin mr-3"><img src="${result.data.facepic}" alt="${result.data.username}" title="${result.data.username}">${result.data.username}</a><a href="{dede:global.cfg_cmsurl/}/user" class="btn btn-primary btn-sm"><i class="fa fa-user-circle"></i></a><a href="/user/pm.php" class="btn btn-primary btn-sm"><i class="fa fa-bullhorn"></i></a><a href="{dede:global.cfg_cmsurl/}/user/index_do.php?fmdo=login&dopost=exit" class="btn btn-success btn-sm"><i class="fa fa-sign-out"></i></a>`);
$("#iptUsername").val(result.data.username); $("#iptUsername").val(result.data.username);
$("#iptUsername").attr("disabled", "disabled"); $("#iptUsername").attr("disabled", "disabled");
$(".areaValidate").hide(); $(".areaValidate").hide();


+ 1
- 1
src/theme/dedebiz/widget_article_feedback.htm 查看文件

@@ -105,7 +105,7 @@
<button class="btn btn-success btnSend" type="button" onClick='SendReplyFeedback(${fid})'>回复</button> <button class="btn btn-success btnSend" type="button" onClick='SendReplyFeedback(${fid})'>回复</button>
</div> </div>
</div>`; </div>`;
$.get("{dede:global.cfg_cmsurl/}/user/ajax_loginsta.php?format=json", function(data) {
$.get("{dede:global.cfg_cmsurl/}/user/api.php?format=json", function(data) {
let result = JSON.parse(data); let result = JSON.parse(data);
if (result.code !== 200) { if (result.code !== 200) {
$(`._feedback_reply`).html(""); $(`._feedback_reply`).html("");


+ 0
- 52
src/user/ajax_loginsta.php 查看文件

@@ -1,52 +0,0 @@
<?php
/**
* @version $id:ajax_loginsta.php 8:38 2010年7月9日 tianya $
* @package DedeBIZ.User
* @copyright Copyright (c) 2022 DedeBIZ.COM
* @license https://www.dedebiz.com/license
* @link https://www.dedebiz.com
*/
define('AJAXLOGIN', TRUE);
require_once(dirname(__FILE__)."/config.php");
AjaxHead();
$format = isset($format) ? "json" : "";
if (!$cfg_ml->IsLogin()) {
if ($format === 'json') {
echo json_encode(array(
"code" => -1,
"msg" => "尚未登录",
"data" => null,
));
} else {
echo "";
}
exit;
}
$uid = $cfg_ml->M_LoginID;
!$cfg_ml->fields['face'] && $face = ($cfg_ml->fields['sex'] == '女') ? 'dfgirl' : 'dfboy';
$facepic = empty($face) ? $cfg_ml->fields['face'] : $GLOBALS['cfg_memberurl'].'/templets/images/'.$face.'.png';
if ($format === 'json') {
echo json_encode(array(
"code" => 200,
"msg" => "",
"data" => array(
"username" => $cfg_ml->M_UserName,
"myurl" => $myurl,
"facepic" => $facepic,
"memberurl" => $cfg_memberurl,
),
));
exit;
}
?>
<div class="userinfo">
<div class="welcome">您好:<?php echo $cfg_ml->M_UserName;?>,欢迎登录 </div>
<div class="userface">
<a href="<?php echo $cfg_memberurl;?>/index.php"><img src="<?php echo $facepic;?>" width="52" height="52" /></a>
</div>
<div class="uclink">
<a href="<?php echo $cfg_memberurl;?>/index.php">会员中心</a> |
<a href="<?php echo $cfg_memberurl;?>/edit_baseinfo.php">资料</a> |
<a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=login&dopost=exit">退出登录</a>
</div>
</div>

+ 68
- 0
src/user/api.php 查看文件

@@ -0,0 +1,68 @@
<?php
/**
* @version $id:api.php 8:38 2010年7月9日 tianya $
* @package DedeBIZ.User
* @copyright Copyright (c) 2022 DedeBIZ.COM
* @license https://www.dedebiz.com/license
* @link https://www.dedebiz.com
*/
define('AJAXLOGIN', TRUE);
require_once(dirname(__FILE__)."/config.php");
AjaxHead();
$action = isset($action)? $action : '';
if ($action === 'is_need_check_code') {
$isNeed = $cfg_ml->isNeedCheckCode($userid);
echo json_encode(array(
"code" => 0,
"msg" => "",
"data" => array(
"isNeed" => $isNeed,
),
));
exit;
} else {
$format = isset($format) ? "json" : "";
if (!$cfg_ml->IsLogin()) {
if ($format === 'json') {
echo json_encode(array(
"code" => -1,
"msg" => "尚未登录",
"data" => null,
));
} else {
echo "";
}
exit;
}
$uid = $cfg_ml->M_LoginID;
!$cfg_ml->fields['face'] && $face = ($cfg_ml->fields['sex'] == '女') ? 'dfgirl' : 'dfboy';
$facepic = empty($face) ? $cfg_ml->fields['face'] : $GLOBALS['cfg_memberurl'].'/templets/images/'.$face.'.png';
if ($format === 'json') {
echo json_encode(array(
"code" => 200,
"msg" => "",
"data" => array(
"username" => $cfg_ml->M_UserName,
"myurl" => $myurl,
"facepic" => $facepic,
"memberurl" => $cfg_memberurl,
),
));
exit;
}
?>
<div class="userinfo">
<div class="welcome">您好:<?php echo $cfg_ml->M_UserName;?>,欢迎登录 </div>
<div class="userface">
<a href="<?php echo $cfg_memberurl;?>/index.php"><img src="<?php echo $facepic;?>" width="52" height="52" /></a>
</div>
<div class="uclink">
<a href="<?php echo $cfg_memberurl;?>/index.php">会员中心</a> |
<a href="<?php echo $cfg_memberurl;?>/edit_baseinfo.php">资料</a> |
<a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=login&dopost=exit">退出登录</a>
</div>
</div>
<?php
}
?>

+ 9
- 0
src/user/index_do.php 查看文件

@@ -180,6 +180,15 @@ else if ($fmdo == 'login') {
ShowMsg("密码不能为空", "-1", 0, 2000); ShowMsg("密码不能为空", "-1", 0, 2000);
exit(); exit();
} }
$isNeed = $cfg_ml->isNeedCheckCode($userid);
if ($isNeed) {
$svali = GetCkVdValue();
if (strtolower($vdcode) != $svali || $svali == '') {
ResetVdValue();
ShowMsg('验证码错误', 'index.php');
exit();
}
}
//检查帐号 //检查帐号
$rs = $cfg_ml->CheckUser($userid, $pwd); $rs = $cfg_ml->CheckUser($userid, $pwd);
if ($rs == 0) { if ($rs == 0) {


+ 8
- 1
src/user/templets/login.htm 查看文件

@@ -9,6 +9,7 @@
<link rel="stylesheet" href="<?php echo $cfg_cmsurl;?>/static/web/css/style.css"> <link rel="stylesheet" href="<?php echo $cfg_cmsurl;?>/static/web/css/style.css">
<link rel="stylesheet" href="<?php echo $cfg_cmsurl;?>/static/web/css/user.css"> <link rel="stylesheet" href="<?php echo $cfg_cmsurl;?>/static/web/css/user.css">
<script src="<?php echo $cfg_cmsurl;?>/static/web/js/jquery.min.js"></script> <script src="<?php echo $cfg_cmsurl;?>/static/web/js/jquery.min.js"></script>
<script src="<?php echo $cfg_cmsurl;?>/static/web/js/login.js"></script>
</head> </head>
<body class="body-bg"> <body class="body-bg">
<?php pasterTempletDiy('top.htm');?> <?php pasterTempletDiy('top.htm');?>
@@ -23,8 +24,14 @@
<input type="hidden" name="dopost" value="login"> <input type="hidden" name="dopost" value="login">
<input type="hidden" name="keeptime" value="604800"> <input type="hidden" name="keeptime" value="604800">
<input type="hidden" name="gourl" value="<?php if (!empty($gourl)) echo $gourl;?>"> <input type="hidden" name="gourl" value="<?php if (!empty($gourl)) echo $gourl;?>">
<div class="form-group"><input name="userid" type="text" class="form-control" placeholder="输入用户名"></div>
<div class="form-group"><input id="iptUserid" name="userid" type="text" class="form-control" placeholder="输入用户名"></div>
<div class="form-group"><input name="pwd" type="password" class="form-control" id="iptPwd" placeholder="输入密码"></div> <div class="form-group"><input name="pwd" type="password" class="form-control" id="iptPwd" placeholder="输入密码"></div>
<div class="form-group" id="vdimgck" style="display: none;">
<div class="input-group">
<input name="vdcode" type="text" class="form-control text-uppercase" id="iptValidate" placeholder="请输入验证码">
<img src="<?php echo $cfg_cmsurl;?>/apps/vdimgck.php" id="validateimg" onclick="this.src='<?php echo $cfg_cmsurl;?>/apps/vdimgck.php?'+new Date().getTime()+Math.round(Math.random() * 10000)" title="验证码">
</div>
</div>
<div class="form-group"><button type="submit" class="btn btn-success w-100">登录</button></div> <div class="form-group"><button type="submit" class="btn btn-success w-100">登录</button></div>
<div class="form-group"><a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=user&dopost=regnew" class="btn btn-outline-success w-100">注册</a></div> <div class="form-group"><a href="<?php echo $cfg_memberurl;?>/index_do.php?fmdo=user&dopost=regnew" class="btn btn-outline-success w-100">注册</a></div>
<div><a href="<?php echo $cfg_memberurl;?>/resetpassword.php" class="text-dark">忘记密码</a></div> <div><a href="<?php echo $cfg_memberurl;?>/resetpassword.php" class="text-dark">忘记密码</a></div>


撰写 预览
正在加载...
取消
保存